Guest Arkael Posted June 24, 2010 Report Share Posted June 24, 2010 Hi, Hi, I've recently installed OpenVPN on my HTC Tattoo phone, all certificates are ok , and i can connect to my server, log files seems to be ok. My problem is thats i simply cannot ping or browse the server network from the phone... cannot ping VPN IP or local network IP.. nothing at all. so i decided to configure client on a Windows computer, all is ok, no problem at all... with same configuration and same certificates... Anyone had same issue? What do you think i should check? server config: port 1194 proto udp dev tun ca /mnt/C/sys/etc/ca.crt cert /mnt/C/sys/etc/server.crt key /mnt/C/sys/etc/server.key # This file should be kept secret dh /mnt/C/sys/etc/dh1024.pem server 10.8.0.0 255.255.255.0 ifconfig-pool-persist ipp.txt push "route 192.168.3.0 255.255.255.0" tls-auth /mnt/C/sys/etc/ta.key 0 max-clients 2 user nobody group nobody persist-key persist-tun log-append /var/log/messages verb 4 and the client client dev tun proto udp remote XXXXXXX.dyndns.org 1194 resolv-retry infinite nobind persist-key persist-tun ca ca.crt cert client.crt key client.key tls-auth ta.key 1 comp-lzo verb 3 Link to comment Share on other sites More sharing options...
Guest cyde Posted June 25, 2010 Report Share Posted June 25, 2010 Well, I have it working for a while now, so I have checked my client config file (that works) with the file you have and I have the following differences. client // yep got this dev tun // yep got this dev-node /dev/tun // I have this one and you dont proto udp // I have proto tcp, so I have never tried it with UDP. dont know how functional this is. remote XXXXXXX.dyndns.org 1194 // yeah. got this but with port 443 resolv-retry infinite // yeah, got this one. nobind // ditto persist-key // ditto persist-tun // and again ca ca.crt // for these I actaully have the absolute location eg. /sdcard/certs/ca.crt cert client.crt // and so on...... key client.key // and again, absolute path. tls-auth ta.key 1 // I have this commented out with a ; comp-lzo // yep got this verb 3 // and this one. Additional options that I have set and that work are: reneg-sec 0 // this allows the server to decide whe to re-negotiate keys //I also have the "auth" crypt cypher set tls-remote <value> // I have this set. suggest you run busyboxy in your phone and run the openvpn from the command line, so you can see the log. hope this helps in some way. I have this running on HTC Hero (2.1 HeroSense Rom). -RandyL Link to comment Share on other sites More sharing options...
Recommended Posts
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now